Privacy for Free Lunch! Skip to main content

Gartner Forecasts Security and Risk Management Spending in India to Grow 12% in 2024

  GenAI-Driven Attacks Require Changes to Application and Data Security Practices and User Monitoring End-user spending on security and risk management (SRM) in India is forecast to total $2.9 billion in 2024, an increase of 12.4% from 2023, according to a new forecast from Gartner, Inc. Indian organizations will continue to increase their security spending through 2024 due to legacy IT modernization using cloud technology, industry demand for digital platforms, updated regulatory environment, and continuous remote/hybrid work. “In 2024, chief information and security officers (CISOs) in India will prioritize their spending on SRM to improve organizational resilience and compliance,” said  Shailendra Upadhyay , Sr Principal at Gartner. “With the introduction of stringent government measures mandating security breach reporting and digital  data protection , CISOs are facing heightened responsibility in safeguarding critical assets against evolving cyber threats.” Gartner a...
Post a Comment

Privacy for Free Lunch!


Details
Published on Friday, 22 June 2012 16:19
Written by Craig Sutherland
As technology evolves, more and more enterprises are adopting online collaboration applications within the workplace. Not so long ago, such a practice was considered only for home users and technology geeks. Security was the main concern back then. Vendors such as RIM and its blackberry service did a magnificent job of providing an email and messaging service, which is considered secure.



In fact, the platform is so secure that service providers carrying the service have no visibility of the messaging platform whatsoever. Corporations suddenly had a secure mobile messaging platform which ticked all the right security boxes. Yes, life was simple back then. We got up and went to work, logged onto our computers, opened the locally installed applications and accessed the data stored on the server in the back office, and got on with our day.



However, something started to change, the mobile workforce. The notebook computer of the 2000's was the last generation of portable computers to be called a laptop. It weighed about the same as a pile of bricks and the battery would only last for a hour, and if you could tolerate the heat it emitted while resting on your lap, you could also become sterile! The cost of a laptop computer was nearly three times that of a comparable desktop computer.



Therefore, only the top executives or elite got one, and they were seen as a fashion accessory, since everyone at the CxO level had a PA or secretary to answer or write correspondence. Once laptops became smaller, more portable and cheaper, the VPN came along to tether them back to the office, and provided secure access to email, files and applications. The concept of mobile workforce is nothing new, insurance companies, banks and sales organisations have been doing it for decades.



What has changed is the efficiency with which these organisations operate. The efficiency has been enabled with technology. Today, every mobile sales person uses a notebook computer, and this has meant the demise of the branch office as the hub of collaboration. Today, entire global organisations have slashed costs and increased productivity and efficiency by having their staff operate from home, the airport, on the road, wherever.



Gone are the days where you clocked out at 5pm and forgot about work until the next day. Technology has meant that we never really stop working, or thinking about it, even on vacation. Fast forward to 2012, the corporate data centre is being replaced by cloud computing. Entire data centres are being virtualized and the mobile workforce is connected to shared resources hosted on the Internet, rather than the corporate HQ.

It would seem today many multinationals have thrown caution to the wind, by embracing cloud computing and the third parties, which host their sensitive corporate data. Organisations are supporting BYOD from employees, relaxing the security protocols, which were once in place and basically trading security for operational efficiency and ease.

What has fascinated me about this transition is witnessing the changing mindset of corporations. Going back some ten years, multinationals would not even entertain the thought of a third party managing its data, let alone, the concept of keeping it all in the cloud. Like everything, cloud computing has its merits and demerits. This article is about technological revolution and how much we are willing to compromise.  



Let us look at four scenarios where cloud computing can be compromised, impacting enterprises.  

1. Corporate Espionage


Today, Skype and other online calling services are being used more and more for business purposes. The convenience and costs are incredible, a video or audio conference can be setup in seconds and the quality is pretty good as well. However, even though Microsoft,  which owns Skype, doesn't record conversations, the vendor keeps all session information for quality purposes. The vendor may share this information with a third party to improve the quality of the service.



There will be a wealth of information reported such as the IP address, user name, computer equipment type, number of calls, duration and location. So, now an unknown third party knows your IP address schema, internal and public, the types of computer on your network, which parts of the world you call and how often. If you are using instant messaging services, then the chat conversations are also available in an unknown public arena. Do you care? IBM recently stopped its employees from using Apple’s SIRI voice application on its iPhone smartphone, since Apple would not conform to anonymizing the user session information.

2.   Loss of Data (Intellectual Property)

Let us say you move your entire CRM operations into the cloud. You can decrease your operational costs by not having to maintain IT staff and data centres. For your sales force, this is the goldmine, which keeps your business running. Something happens to your cloud provider, a new unknown virus sweeps through all the hosted virtual servers wiping out your data in its path. In the old days, a backup tape could get you up and running after some outage.



But, let us say the provider’s automatic backup and the snapshot you made in the cloud are both dead. What then? Amazon EC2 experienced an outage in one of its data centers, admittedly it managed to restore service quite rapidly. However, ultimately you are at the mercy of the provider, if you don't have a solid local backup solution. How quickly can you restore a local backup, do you have a disaster recovery solution which is tried and tested?

3. Criminal Prosecution

In the good old days if your organisation was suspected of any unfavorable activities, authorities needed to secure a search warrant, seize computers and you generally got the impression that something was going down. Today, under the United States’ wide ranging search and seizure terrorism laws, a third party hosting your data is obligated to open the back door into your operations, and most likely without your knowledge.



What happens to your sensitive data once, it has been thoroughly reviewed and found to have no impact on the investigation? Data is promptly deleted erased and forgotten about, obviously! This is the major reason why European companies are so slow on cloud computing adoption. The European privacy laws just don't translate internationally.

4. Privacy

As the cost of Megabyte of storage becomes less and less, your browsing history, online documents and social networking connections, both personal and professional are interconnected, working in tandem to construct a profile of who you are. From the online holiday tickets you buy each year to the fishing tackle box you paid for using PayPal, all the descriptions and details of your online activity is recorded and stored, forever. Cross referenced against your business connections and activity these third parties can calculate how much you earn and even when you are paid.

The free lunch!

Is there such a thing as a free lunch, when it comes to the Internet? You can be forgiven for thinking there is. Free 5Gb of disk storage, free Internet calling, free email account, free instant messaging, all these things come at a cost, your privacy. Who would have believed twenty years ago that something as trivial as your email address would be worth something to someone.



Targeted advertising, based on your buying habits are designed to channel as much of your spare change in the direction of the advertisers who collect, store and correlate your online activity. With a billboard on the side of the road, the advertiser doesn't know how effective the advertisement is, how many people called as a result of seeing it. With online advertising, confirmation of success is based on a mouse click, so the campaign can be tuned instantly to be more effective. Do you care?

Next week, in my second part of the article, I will talk about step you can take to reduce your exposure, whilst still enjoying the benefits of next generation technology.

Comments

Post a Comment

Popular posts from this blog

Mobile Phones Sales Plummet

Details Published on Thursday, 16 August 2012 06:34 Worldwide sales of mobile phones reached 419 million units in the second quarter of 2012, a 2.3 percent decline from the second quarter of 2011, according to Gartner. Smartphone sales accounted for 36.7 percent of total mobile phone sales and grew 42.7 percent in the second quarter of 2012. "Demand slowed further in the second quarter of 2012," says Anshul Gupta, principal research analyst at Gartner. "The challenging economic environment and users postponing upgrades to take advantage of high-profile device launches and promotions available later in the year slowed demand across markets. Demand of feature phones continued to decline, weakening the overall mobile phone market. "High-profile smartphone launches from key manufacturers such as the anticipated Apple iPhone 5, along with Chinese manufacturers pushing 3G and preparing for major device launches in the second half of 2012, will drive the smartpho...
257 comments
Read more

Now facebook hit with international class action privacy suit

An Austrian privacy activist has launched a wide-reaching class action suit against Facebook Ireland for breaching European data protection law. Anyone outside of the US and Canada can join activist and law student Max Schrems' suit via the website fbclaim.com, since they will have signed up to Facebook's terms and conditions via the Dublin-based European subsidiary. That amounts to around 82 percent of all Facebook users. After being live for just one hour, the site has collected 100 participants. The suit is seeking damages of €500 ($537) per user, and injunctions to be levied on the company for the following breaches:     Failing to get "effective consent" for using data     Implementing a legally invalid data use policy     Tracking users online outside of Facebook via "Like" buttons     Using big data to monitor users     Failing to make Graph Search opt-in     The unauthorized passing of use...
1 comment
Read more

Cabling and Data Explosion

Details     Published on Tuesday, 13 November 2012 05:39 The explosion of 'big data' and the seemingly limitless demand for bandwidth are driving trends in today's IT-centric world. The 'faster, better, most cost effective' mentality has led enterprises of all sizes to closely scrutinize their communications networks and networking infrastructure. network-cables The need to deploy high speed network backbones that meet future requirements, while simultaneously reducing costs, present conflicting interests. With the need for higher bandwidth and flexibility for growth, organizations are looking at the network's physical layer and its overall life cycle as a capital investment that is essential to the business. Throw into this conundrum the increasing focus on sustainability and the task of designing a network high-performance, high-efficiency network seems almost insurmountable. Addressing efficiency at a physical infrastructure level has fueled the growing ado...
1 comment
Read more